Job Summary:

The Security Architect works within a multi-disciplinary team of engineers and architects to design, build and maintain integrated security solutions and patterns for the enterprise. Success for this role is centered upon establishing and maintaining solid relationships and buy-in for risk-mitigation initiatives that serve as enablers of business transformation.  

The Role will:

• Gather and analyze requirements from business and technical stakeholders to produce business and functional requirements and use cases/user stories for security solutions
• Design, develop, and document enterprise security solutions to meet requirements
• Develop and deploy prototype solutions, perform gap analyses and work with engineering team to fully operationalize the designs.
• Evaluate new and emerging security technologies for potential suitability in the company's environment
• Evaluate existing security tools, identify and prototype automation and new tooling to improve efficiency of security engineering capabilities
• Act as security subject matter expert utilizing current information security technology disciplines and industry standards to ensure confidentiality, integrity, and availability of information assets
• Evaluate enterprise-wide IT solutions and solution designs for the presence of effective security controls and regulatory compliance, using systematic assessment and threat modelling approaches.  Partner with the solution owners, technology experts and vendors to ensure any missing security controls are designed and added, mitigated or risk managed.
• Develop reference security architectures and frameworks (including requirements, design patterns, and other artifacts) for use throughout the company
• Contribute to the development of security policies, security standards, and risk governance processes
• Develop and foster relationships with technical teams and business partners in order to create an integrated approach that provides data integrity, information confidentiality, and service availability.
• Support business operations and critical information asset investments to ensure the security portfolio remains strategic and fully aligned to execute the priorities of the organization and deliver expected business results

Knowledge / Skills / Abilities:

• Demonstrated knowledge of Enterprise IT including network security, mobile security, cloud security, and infrastructure security, including Windows, Unix/Linux.
• Experience with designing implementations of common security tools such as Firewalls, Identity Management, PIM/PAM, Remote Access, DLP, EDR, Vulnerability Detection, SEIM, Security Gateways and Proxy Technologies.
• Demonstrated multiple year experience in one or more of the following:
• Data Protection
• Identity and Access Management
• Cloud Security
• DevSecOps
• Knowledge of application security including API security, solutions focusing on authentication, audit and logging, request/response validation.
• Knowledge of industry IAM standards like OAuth, OpenID Connect, SAML, SCIM, FIDO and other emerging trends.
• Demonstrated ability to assess complex and heterogeneous solutions and achieve “Secure by Design" through partnership with business stakeholders, solution designers, other subject matter experts, vendors, and governance, risk and compliance teams.
• Experience of applying Industry Security Frameworks such as NIST CSF/800-53/800-82, ISO 27001, OSA, OWASP, CIS, CSA, PCI
• Preferred experience with the transformation of traditional data center security measures into industry adopted cloud technologies including Amazon, Azure, Google, etc.
• Experience with multiple architecture styles including SOA, API-first and micro-services architectures.

• Experience in architecting and building large scale systems using scale-out architecture that require high availability, performance, high scalability and multi-tenancy.

Required Qualifications:

• One or more Security certifications (i.e. CISSP, CCSP, CISM, GSEC, SANS GIAG, ISSAP) or equivalent education. Additional cloud provider certification is a plus
• 7+ years’ work experience in in Security Engineering, Identity and Access Lifecycle Management, Data Protection, or Cloud Security in a medium or large corporate environment; or a Master’s degree in Information Security with 4 years’ work experience in Security Engineering, Identity and Access Lifecycle Management, Data Protection, or Cloud Security
• Demonstrated ability to develop solution designs to support enterprise-level environments
• Experience in developing enterprise security solutions in a large, complex environment
• Demonstrated strong analytical and problem-solving skills
• Demonstrated ability to work within globally dispersed and cross-functional teams
• Broad knowledge of information technology and security controls in various application and infrastructure platforms including network (physical, virtual, internal, cloud), system platforms, storage, directory services, and end user computing